I’m attempting to compile Suricata 6.0 from source, and I’m running into a missing function:
    util-ebpf.c:359:13: error: implicit declaration of function 'bpf_program__set_ifindex' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
    bpf_program__set_ifindex(bpfprog, ifindex);
Indeed, when I look at /usr/local/include/bpf/libbpf.h this function doesn’t exist and so, presumably, was added in a newer kernel (I’m using 4.19.76).
I did, however, previously have Suricata (version 4.1.4) compiled on this kernel with eBPF support… so I’m wondering if there’s a solution here to have Suricata 6.0 compiled on Linux 4.19.76 w/ eBPF support?
Is it possible this call is optional and can be ifdef’d for my build? I can’t seem to find reasonable docs on this function call.
Thanks,
Jeff